FirstBlood-#204: Info leak that leads to non admin login



On 2021-05-12, d20s84 reported:

Summary: A private code (invite key) is readily available in a Reddit forum and can be used with available doctor names in order to obtain login credentials.

Steps:

  1. Open the Reddit link to obtain the private key: https://www.reddit.com/r/BugBountyHunter/comments/n4xzw1/firstbloodhackerscom_doctor_registration/
  2. Browse to the endpoint /doctors.html to obtain the doctors' names. They can be used as usernames.
  3. Feed the credentials to /register.php. Boom!!! The login credentials to non-administrative accounts are provided.

P2 High

Endpoint: /register.php

Parameter: -

Payload: -


FirstBlood ID: 15
Vulnerability Type: Auth issues

A doctor's invite code is leaked on the internet which, if used, grants anyone access to the doctor portal. The invite code should expire after use.


Respect Earnt: 1500000
RESPECT ($RSP) is an experimental cryptocurrency based on the Ethereum blockchain with the mission to show respect to those who deserve it. We are testing it out on our FirstBlood hackevent.